Fake Notre Dame rebuilding donation sites are looking for money, better protect domain name servers and how iPhone users being tricked
Welcome to Cyber Security Today. It’s Friday April 19th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanda.com. To hear the podcast, click on the arrow below:
Criminals try to exploit whatever’s hot in the news to sucker you into giving them money. Now there are fund-raising scams for the re-building of Notre Dame cathedral in Paris after this week’s fire. According to security vendor ZeroFox. there are a number of fake donation sites. One of them on the JustGiving crowdfunding site is called ‘Friends of Notre Dame de Paris.’ You should also beware of social media messages with Notre Dame hashtags. There is a legitimate website called www.notredamedeparis.fr. Be cautious of unfamiliar individuals or organizations asking you to wire money or send money through a gift card. And check with these two websites that rate charities: Charity Watch, and Charity Navigator.
There’s no shortage of telephone computing scams. Here’s another I was told of this week: You get a call that says “This is the computer maintenance department. We have charged your account $299. Hit 2 to talk to a support person.” A person will try to convince you that you did agree to a service. As proof they might bluff by saying they have your credit card, and rhyme off a few digits from your card. Listen, the first couple of digits from a card are specific to a country. So anyone can know those numbers. Don’t get flustered or worried. This is a scam. Hang up. Report it to the Canadian Anti-Fraud Centre in Canada, or the U.S. Federal Communications Commission.
There’s another warning out for organizations to protect their domain name servers. These are the servers that change an Internet address that you use, like itworldcanada.com, into the set of numbers that are really used behind the scenes to go to web sites. According to Cisco Systems’ Talos threat intelligence service, someone has been hijacking the DNS systems of dozens organizations and Internet providers and DNS registrars in 13 countries since 2017. As a result the attackers could divert and steal Internet traffic, including passwords of interesting companies or government departments. Cisco suspects a country is behind these attacks. For those running a DNS service it’s important to use a registry lock. If you can’t do that, then administrators who can access the DNS records must use multi-factor authentication for login.
iPhone users should be on alert to the increasing number of malvertising campaigns going around. According to advertising news site Confiant, one particular group is especially active around holidays and weekends. A common technique of this gang is to insert code into legitimate advertising sites to push popup messages to iPhone and iPad users. For example, one message says “Dear Verizon customer,” and says you’ve been entered into a contest to win a cellphone. All you have to do is click OK. Sometimes, however, you’re just highjacked and you get taken unwillingly to another site. The end result is malware gets downloaded on your phone, or there are phony clicks on advertising that gets the gang money. One of the things you can do is stop using the Google Chrome browser on an iOS device because it doesn’t block pop-ups well. Google is working on a solution. Meanwhile advertisers have to do a better job of making sure their web sites aren’t exploited by bad guys.
Finally, word on some updates: If you administer a site using the Drupal content management framework, make sure you install the latest security updates, which were released this week. These are described as “moderately critical.” And Cisco Systems released fixes for its ASR 9000 routers, the Wireless LAN Controller software and a number of other products.
That’s it for Cyber Security Today, which has been named by Feedspot as one of the Top 10 cyber security podcasts. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon